Carrier IQ speaks out: Points finger at networks, customers

Carrier IQ speaks out: Points finger at networks, customers

Summary: In a clarified statement, Carrier IQ all but blames the networks and the unwitting customers for accepting the terms and conditions for using the tracking software-laden devices.

SHARE:

In a bid to "clarify misinformation" on the functionality of the Carrier IQ software, the company has updated its statement issued last month to claw back the damning reports that were filed this week.

In the statement it says:

"[Our] software does not record, store or transmit the contents of SMS messages, email, photographs, audio or video. For example, we understand whether an SMS was sent accurately, but do not record or transmit the content of the SMS. We know which applications are draining your battery, but do not capture the screen".

It continues:

"As a condition of its contracts with Operators, CIQ operates exclusively within that framework and under the laws of the applicable jurisdiction. The data we gather is transmitted over an encrypted channel and secured within our customers’ networks or in our audited and customer-approved facilities".

Though it does not answer many of the questions posed by the media, at least on the upside the data is encrypted when sent back to headquarters.

In regards to earlier reports that Carrier IQ alleging that the company violated wiretap laws, it "vigorously disagrees" with such assertions.

But in an apparent act of self defence, the company points the fingers at the cell networks and the customers themselves for 'using' the service in the first place; in a bid to deflect harm away from the company:

"We are deployed by leading Operators to monitor and analyze the performance of their services and mobile devices to ensure the system (network and handsets) works to optimal efficiency".

"Carrier IQ acts as an agent for the Operators. Each implementation is different and the diagnostic information actually gathered is determined by our customers – the mobile Operators. Carrier IQ does not gather any other data from devices".

Adding more fuel to the fire, it makes attempts to justify its role in the cellular industry:

"Our software allows Operators to figure out why problems are occurring, why calls are dropped, and how to extend the life of the battery. When a user calls to complain about a problem, our software helps Operators’ customer service more quickly identify the specific issue with the phone".

AllThings D report:

"While CIQ might “listen*” to a smartphone’s keyboard, it’s listening for very specific information. Company executives insist it doesn’t log or understand keystrokes. It’s simply looking for numeric sequences that trigger a diagnostic cue within the software. If it hears that cue, it transmits diagnostics to the carrier".

It is no the first time that the U.S. government has issued a secret, warrantless court order for data before, using the controversial Electronic Communications Privacy Act.

Speaking to Andrew Coward, Carrier IQ's vice-president of marketing, AllThingsD hit the nail on the head. It's the carriers that are to 'blame', and the customers for accepting the terms of conditions that seemingly authorise the use of such diagnostic tools.

Granted, the carriers dictate the contract with its customers, so there is a fair amount of blame to be thrown at the carriers for snapping up licenses to the software service. It's the mobile networks that also dictate how long the data is stored, rather than legislative agenda.

Storm in a teacup, or is the teacup the size of New York City? At the moment it's cat and mouse between the company that tracks mobile users, and the carriers that authorise the tracking.

I feel like I've walked onto the set of one of the Bourne Trilogy films.

Related:

Topics: Mobility, Government, Government US, Hardware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

18 comments
Log in or register to join the discussion
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    So, it's not our fault, it's our customers fault that made us do it. If I were their client, I would drop em like it's hot.
    tatiGmail
    • HTC, Samsung, LG, etc. knew exactly what this service was doing and they ..

      @tatiGmail: ... ordered this criminal scope of tracking of their users.

      They could follow Apple's way -- on their devices this service does not work by default and even when it works it collects only tiny portion of information (basically irrelevant to privacy concerns), comparing to wall-to-wall spying as on many other devices.

      So both Carrier IQ and HTC, Samsung, LG, et cetera are to blame.
      dderss
      • RE: Carrier IQ speaks out: Points finger at networks, customers

        @dderss

        Wasn't Apple the pioneer in doing this? In that way, they are following Apple's way.
        mm71
      • Doing what? Apple never tracked keystokes, electronic mails et cetera

        @mm71: they gathered coordinates of the nearest cellular and Wi-Fi points of signal to get speedier assisted GPS locations and build their own mapping service.

        Their main error was that the size of cashe of these locations was set to astronomic 2 MB, what for this type of data lasts forever. It made no sense obviously, and they had to correct it. And better manage switching on/off of this location service.
        dderss
  • It's a confession

    It's spyware, his comments are a confession, saying they don't send the CONTENTS of emails, SMSs etc, is really a confession that they send the rest of it. URLs, media names, senders, recipients, meta data etc.

    Blaming Carriers is confirming they think there is a bad thing that apportions blame.

    Claiming customers agreed to it, is a legal ploy and also patently false. Customers were never informed what this software does, so could never agree to something they are unaware of.

    I read their Experience manager product sheet, it says they:
    "Capture a vast array of experience data including screen transitions, button presses, service interactions and anomalies"
    "View application and device feature usage, such as camera, music, messaging, browser and TV"

    This explains why it intercepts URLs in the browser and keystrokes (both on the dialer and on the handset) and the security experts analysis suggests Carrier IQ are being deliberately evasive.

    Evasiveness is a strong indicator of illegality.
    guihombre
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    They built it and put the ability in there, end of story and here comes a class action suit.
    Alan Smithie
    • RE: Carrier IQ speaks out: Points finger at networks, customers

      @Alan Smithie

      So gun companies are responsible for shootings?

      The carriers and possibly the OEMs will take the biggest hit, and rightfully so. There's are allot of products that have malicious uses but also have completely legitimate uses.

      In the end, CarrierIQ is probably right. The T&Cs everyone agrees to in order to get voice/data service will be a CYA for those companies leveraging the software. They'll all just get some black eyes, bumps and bruises in the court of public opinion. But at the end of the day, when most, if not all are guilty, how many consumers will actually drop AT&T in favor of Verizon? How many will switch from their Android or iPhone to WP7?
      TroyMcClure
      • RE: Carrier IQ speaks out: Points finger at networks, customers

        @piousmonk <br><br>The gun analogy is the one that came to mind for me - CIQ is the one who built the gun and bullets. It seems like networks and carriers are the ones pulling the trigger.<br><br>Somehow, it seems that the blame is going to the victims. It is the victims fault for standing in the way of the bullet that came out of the gun that was aimed at them. The gun that that CIQ built and the carriers aimed and fired.<br><br>Of course, the victims likely signed a two-year contract with their carriers saying they were okay with bullets being shot at them..... Anything for a cheaper gun, err phone.
        zyvxn
      • RE: Carrier IQ speaks out: Points finger at networks, customers

        @piousmonk Comparing this to gun shootings is ridiculous! Most people understand what a gun does and the danger it poses. However most people have no idea what they are agreeing to when it comes to this. Because of that you can't compare the two scenarios.
        ctleng76
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    I can see now where I agreed to this on the iPhones that I configured, if I chose to send information to help improve the product - check the box while configuring the iPhone. But on the Android you don't have any choice. Your only real choice, if you actually read the terms and conditions, would be to not buy the phone. To me this makes it absurd to blame the customer for accepting the terms of the product. And since the only option to turn it off on an Android phone is to root the phone and void your warranty, that is doubly ridiculous.

    For an iPhone I can say that yes, the user does allow this transfer of data. On an Android you can't blame the user, only the carrier that installed it on the phone.
    boomchuck1
    • RE: Carrier IQ speaks out: Points finger at networks, customers

      @boomchuck1 Actually you are incorrect. Android DOES ask the user upon first powering up the device if the user would like Google to collect anonymous usage data.
      ctleng76
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    Frankly, the Carriers are to blame for adding this program to their phones without giving the customer the RIGHT to ACCEPT or DENY use of the service on the handset. CarrierIQ should also be to blame for use of their product without government pre-approval before marketing it to the Carriers (Vendors of Cellular Devices).

    Once this hits FACEBOOK and scatters out amongst those on the net not aware of it, CarrierIQ will certainly get hit hard as well as the Cell Providers who put the product on their Phones and don't offer an OPT OUT option on use of the service on their phone.

    Legitimately, a CLASS ACTION LAWSUIT should bring the entire subject to a head. The Carriers (Vendors / Providers) of Cell Phones and Cell Service should be ultimately held accountable and forced to pay all previous and current users back for jacking their phones with this program without giving the customer the OPT OUT option on its use.
    Evisscerator
  • I hate to agree

    But it is the carriers and Apple that blundered in installing nasty software and not disclosing it. It undeniably proves that the vendors that did this cannot be trusted, especially if they act like it is no big deal.<br><br>But I also understand why the carriers didn't care. This is nothing compared to forcing customers to bow down to multi-year contracts with excessive early termination fees, overpricing phones, and killing unlimited data plans so users rack up high bills.
    lschw1
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    i Like the last line ..
    sansw05
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    How about one for the conspiracy theorists? The type of data being collected or potentially collected is just the type of data Homeland Security would love. Based on their previous attempts to gather clandestine tracking data might this product actually be the next generation? Think about it, get a heavy duty tracking and recording application widely dispersed under guise of network control, which it actually can and does do. Then flip a switch on specific devices and you get complete or near complete tracking of suspected "terrorist". Big Brother would have a field day.
    SmithDM
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    this is why i have a dumb phone that i can change any time.so screw off big brother.
    sarai1313@...
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    'Carrier IQ acts as an agent for the Operators. Each implementation is different and the diagnostic information actually gathered is determined by our customers ??? the mobile Operators. Carrier IQ does not gather any other data from devices???.

    They need to explain their other customer, Nielsen, the ratings folks. The carriers didn't agree to data share with them, and the carrier contract didn't ask us if we agreed to share with them either. If this is purely for diagnostics, why would Nielsen care about the data. There must be additional data collecting happening or planned to meet their needs.
    trjcasper
  • RE: Carrier IQ speaks out: Points finger at networks, customers

    I don't see what the big deal is. They collected data to locate problems and to improve service, where is the problem in that? I can see there is a problem in that it wasn't "approved" by the user. That isn't right. However, the data they collected simply was done to fix problems, pinpoint errors and to improve the service. Wow, that's just demonic. People are so hyper about security and privacy nowadays that they freak out over the most trivial matters.
    dallasdeckard@...